Biz & IT —

Pentagon e-mail taken down by hackers

The Secretary of Defense has confirmed that a security breach perpetrated by …

At a Department of Defense media roundtable yesterday, Secretary of Defense Robert Gates confirmed that an incursion by hackers was responsible for a Pentagon e-mail outage that occurred Wednesday and disrupted e-mail service for over 1,500 Pentagon workers.

According to Gates, portions of the Pentagon e-mail system were disabled in response to hacking activity. "Elements of the OSD unclassified e-mail system were taken offline yesterday afternoon, due to a detected penetration," said Gates, according to a transcript of the event published by the Defense Department. "We obviously have redundant systems in place, and there is no anticipated adverse impact on ongoing operations. There will be some administrative disruptions and personal inconveniences."

Although Gates claims that the circumstances behind this particular digital incursion are still under investigation and he doesn't know why it led to a disruption in Pentagon mail service, he estimates that the Pentagon repels "perhaps hundreds of attacks a day." When asked if his own e-mail was disrupted by the security breach, Gates explained that he is a "low-tech person" and doesn't personally "do e-mail."

Who could be behind the latest large-scale digital attacks on the Pentagon? Some speculate that it could be the Chinese. According to officials in the Navy's Network Warfare Command (Netwarcom) unit who are quoted in an FCW article published earlier this year, one of the most significant security threats faced by the US military comes from China, where a tremendous volume of sophisticated computer security intrusion attempts originate. Netwarcom believes that the Chinese government is responsible for orchestrating hacking campaigns aimed at disrupting or infiltrating United States military systems.

Of course, large-scale infiltration of secure military systems containing sensitive data doesn't necessarily require the support of a major foreign power. Hacker Gary McKinnon, the self-described "bumbling computer nerd," infiltrated almost 100 servers owned by the Defense Department, Navy, Army, Air Force, and other government agencies in 2001 and 2002 while looking for evidence of a UFO cover-up and alien propulsion technology. McKinnon, who is credited with the biggest military computer hack on record and now faces extradition, used little more than a brute-force Perl script that attempted to use default passwords.

The recent disruption of Pentagon e-mail by hackers reflects the vulnerability of U.S. technological infrastructure and illuminates the needs for better security standards. If a UFO-conspiracy theorist with a Perl script was able to get through government computer security and the Pentagon repels hundreds of attacks every day, one wonders how many hackers are getting through undetected. Unfortunately, the federal government's rather peculiar priorities and poor record on cybersecurity raise some questions about how seriously these security problems are being regarded.